Apache Tomcat 7.0.57 Cluster & mod_proxy / mod_proxy_ajpHow can I set use mod_proxy_ajp with Apache and Tomcat?mod_proxy vs mod_proxy_ajp vs mod_jkLoad Balancing and Clustering using mod_proxy_ajp on Apache HTTP Server 2.2.21 and Tomcat 7.0.23Proxies, Apache, Tomcat - VHostsTwo tomcat 7 instance running on same machine not accepting requests on AJP connectorneed help in redirect from Apache to Tomcat with mod_proxy_ajpapache mod_proxy_ajp tomcat incomplete files occasionallyMultiple Domains Single Tomcat 7 - Apache Mod_proxyApache Tomcat + Apache2 + mod_proxy: Issues regarding clusterCannot get SSL working on Tomcat8.5
Non-aqueous eyes?
How to ensure color fidelity of the same file on two computers?
Is it possible to fly backward if you have 'really strong' headwind?
Who won a Game of Bar Dice?
Warning about needing "authorization" when booking ticket
How to trick the reader into thinking they're following a redshirt instead of the protagonist?
How to use memset in c++?
Why is a common reference string needed in zero knowledge proofs?
What to do when surprise and a high initiative roll conflict with the narrative?
Check if three arrays contains the same element
Is it possible to have 2 different but equal size real number sets that have the same mean and standard deviation?
Which languages would be most useful in Europe at the end of the 19th century?
Wooden cooking layout
With Ubuntu 18.04, how can I have a hot corner that locks the computer?
Is it safe to change the harddrive power feature so that it never turns off?
If I leave the US through an airport, do I have to return through the same airport?
Bb13b9 confusion
Print lines between start & end pattern, but if end pattern does not exist, don't print
How do free-speech protections in the United States apply in public to corporate misrepresentations?
Has there been a multiethnic Star Trek character?
How is the excise border managed in Ireland?
How to communicate to my GM that not being allowed to use stealth isn't fun for me?
Why does Sin[b-a] simplify to -Sin[a-b]?
Longest bridge/tunnel that can be cycled over/through?
Apache Tomcat 7.0.57 Cluster & mod_proxy / mod_proxy_ajp
How can I set use mod_proxy_ajp with Apache and Tomcat?mod_proxy vs mod_proxy_ajp vs mod_jkLoad Balancing and Clustering using mod_proxy_ajp on Apache HTTP Server 2.2.21 and Tomcat 7.0.23Proxies, Apache, Tomcat - VHostsTwo tomcat 7 instance running on same machine not accepting requests on AJP connectorneed help in redirect from Apache to Tomcat with mod_proxy_ajpapache mod_proxy_ajp tomcat incomplete files occasionallyMultiple Domains Single Tomcat 7 - Apache Mod_proxyApache Tomcat + Apache2 + mod_proxy: Issues regarding clusterCannot get SSL working on Tomcat8.5
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;
I have set up an Apache Tomcat Cluster with an Apache HTTP server and load balancing on CentOS 6.6 the following way:
+ 1 VM running HTTP server & 1 Tomcat instance (used for deployment, not answering requests)
+ 1 VM running 2 Tomcat instances on different ports
Important things first:
+ watchEnabled: on master = "true", on slaves = "false"
+ HTTP connector only for master node, not defined on slaves
+ port for AJP connector different on every instance
+ tcpListenerPort for NioReceiver different on every instance
+ jvmRoute value equals respective hostname on all instances
+ path to watchDir / tempDir different, deployDir = webapps on every instance
+ port for shutdown different on every instance
+ firewalld/iptables turned off on all nodes (testing environment)
+ YES, I have read lots of things about this topic (official documentation, tutorials, etc...) already.
server.xml (only the important part)
<Server port="8004" shutdown="SHUTDOWN">
<Service name="Catalina">
<!-- HTTP connector on port 8081 -->
<Connector
connectionTimeout="20000"
port="8081" protocol="HTTP/1.1"
redirectPort="8443"/>
<!-- Define an AJP 1.3 Connector on port 8012 -->
<Connector
port="8012"
protocol="AJP/1.3"
redirectPort="8443"/>
<!-- Engine definition for clustering -->
<Engine
defaultHost="localhost"
jvmRoute="acd10-master"
name="Catalina">
<Realm className="org.apache.catalina.realm.MemoryRealm"/>
<Host
appBase="webapps"
autoDeploy="true"
name="192.168.2.139"
undeployOldVersions="true"
unpackWARs="true">
<Cluster
channelSendOptions="6"
className="org.apache.catalina.ha.tcp.SimpleTcpCluster"
useDirtyFlag="true">
<ClusterListener className="org.apache.catalina.ha.session.ClusterSessionListener"/>
<Valve className="org.apache.catalina.ha.tcp.ReplicationValve" filter=""/>
<Valve className="org.apache.catalina.ha.session.JvmRouteBinderValve"/>
<Channel className="org.apache.catalina.tribes.group.GroupChannel">
<Membership
address="228.0.0.4"
className="org.apache.catalina.tribes.membership.McastService"
dropTime="3000"
frequency="500"
port="45564"/>
<Receiver
address="auto"
className="org.apache.catalina.tribes.transport.nio.NioReceiver"
maxThreads="6"
port="4005"
timeout="100"/>
<Sender className="org.apache.catalina.tribes.transport.ReplicationTransmitter">
<Transport
className="org.apache.catalina.tribes.transport.nio.PooledParallelSender"/>
</Sender>
<Interceptor
className="org.apache.catalina.tribes.group.interceptors.TcpFailureDetector"/>
<Interceptor
className="org.apache.catalina.tribes.group.interceptors.MessageDispatch15Interceptor"/>
<Interceptor
className="org.apache.catalina.tribes.group.interceptors.ThroughputInterceptor"/>
</Channel>
<Deployer
className="org.apache.catalina.ha.deploy.FarmWarDeployer"
deployDir="/usr/local/tomcat7/webapps/"
tempDir="/usr/local/tomcat7/war-temp/"
watchDir="/usr/local/tomcat7/war-watch/"
watchEnabled="true"/>
</Cluster>
</Host>
</Engine>
</Service>
</Server>
mod_proxy.conf
<VirtualHost *:80>
DocumentRoot /var/www/html
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Proxy balancer://testcluster>
BalancerMember ajp://192.168.2.166:8010/ route=acd11-node01
BalancerMember ajp://192.168.2.166:8011/ route=acd11-node02
ProxySet lbmethod=byrequests
</Proxy>
# Exclude balancer-manager app to make it available on master
ProxyPass /balancer-manager !
ProxyPass / balancer://testcluster/ stickysession=JSESSIONID|jsessionid
ProxyPassReverse / balancer://testcluster/ stickysession=JSESSIONID|jsessionid
<Location /balancer-manager>
SetHandler balancer-manager
</Location>
</VirtualHost>
EDIT:
Apache error log (what it gives me after startup):
[Tue Jan 06 08:29:49.235859 2015] [mpm_prefork:notice] [pid 9655] AH00170: caught SIGWINCH, shutting down gracefully
[Tue Jan 06 08:29:50.306520 2015] [core:notice] [pid 9727] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Tue Jan 06 08:29:50.307867 2015] [suexec:notice] [pid 9727] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Tue Jan 06 08:29:50.319218 2015] [so:warn] [pid 9727] AH01574: module proxy_module is already loaded, skipping
[Tue Jan 06 08:29:50.319797 2015] [so:warn] [pid 9727] AH01574: module proxy_ajp_module is already loaded, skipping
[Tue Jan 06 08:29:50.319827 2015] [so:warn] [pid 9727] AH01574: module proxy_balancer_module is already loaded, skipping
[Tue Jan 06 08:29:50.320610 2015] [so:warn] [pid 9727] AH01574: module proxy_http_module is already loaded, skipping
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using fe80::50a0:e2ff:fe74:5294. Set the 'ServerName' directive globally to suppress this message
[Tue Jan 06 08:29:50.328101 2015] [auth_digest:notice] [pid 9727] AH01757: generating secret for digest authentication ...
[Tue Jan 06 08:29:50.329387 2015] [lbmethod_heartbeat:notice] [pid 9727] AH02282: No slotmem from mod_heartmonitor
[Tue Jan 06 08:29:50.333216 2015] [mpm_prefork:notice] [pid 9727] AH00163: Apache/2.4.6 (CentOS) configured -- resuming normal operations
[Tue Jan 06 08:29:50.333263 2015] [core:notice] [pid 9727] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
What I try to achieve:
We have many enterprise web applications which we wanna load balance throughout a Tomcat farm.
What does work:
+ Tomcat clustering
+ Replication
+ FarmWarDeployer
What doesn't work:
Whenever I try to call an application that's been deployed throughout the cluster, it gives me 404 not found. Same for Tomcat root applications such as /manager/html or /host-manager. Only application that is working is /balancer-manager, obviously.
The httpd server is supposed to serve as a load balancer and proxy to the tomcats. It will have to deliver some static content but first and foremost, I need to get this thing up and running to load balance the JavaEE applications (servlets). AJP to the cluster nodes is a must have for me, since http access must not be allow (+ for some other reasons that are worth a totally different discussion).
Since everybody seems to set up the mod_proxy configuration in a different manner, I am looking for a straight forward solution that gives me something I can build on. If you need more information or more configuration details, let me know and I will provide you with those. I already have a second cluster configured using mod_jk and everything is working as intended, but the Stakeholders require this mod_proxy(_ajp) thing and it just grinds my gears.
Your help is much appreciated!
Best regards!
apache-2.2 tomcat cluster
asked Jan 6 '15 at 2:29
Mosh PitMosh Pit
1491313
|
show 5 more comments
I have set up an Apache Tomcat Cluster with an Apache HTTP server and load balancing on CentOS 6.6 the following way:
+ 1 VM running HTTP server & 1 Tomcat instance (used for deployment, not answering requests)
+ 1 VM running 2 Tomcat instances on different ports
Important things first:
+ watchEnabled: on master = "true", on slaves = "false"
+ HTTP connector only for master node, not defined on slaves
+ port for AJP connector different on every instance
+ tcpListenerPort for NioReceiver different on every instance
+ jvmRoute value equals respective hostname on all instances
+ path to watchDir / tempDir different, deployDir = webapps on every instance
+ port for shutdown different on every instance
+ firewalld/iptables turned off on all nodes (testing environment)
+ YES, I have read lots of things about this topic (official documentation, tutorials, etc...) already.
server.xml (only the important part)
<Server port="8004" shutdown="SHUTDOWN">
<Service name="Catalina">
<!-- HTTP connector on port 8081 -->
<Connector
connectionTimeout="20000"
port="8081" protocol="HTTP/1.1"
redirectPort="8443"/>
<!-- Define an AJP 1.3 Connector on port 8012 -->
<Connector
port="8012"
protocol="AJP/1.3"
redirectPort="8443"/>
<!-- Engine definition for clustering -->
<Engine
defaultHost="localhost"
jvmRoute="acd10-master"
name="Catalina">
<Realm className="org.apache.catalina.realm.MemoryRealm"/>
<Host
appBase="webapps"
autoDeploy="true"
name="192.168.2.139"
undeployOldVersions="true"
unpackWARs="true">
<Cluster
channelSendOptions="6"
className="org.apache.catalina.ha.tcp.SimpleTcpCluster"
useDirtyFlag="true">
<ClusterListener className="org.apache.catalina.ha.session.ClusterSessionListener"/>
<Valve className="org.apache.catalina.ha.tcp.ReplicationValve" filter=""/>
<Valve className="org.apache.catalina.ha.session.JvmRouteBinderValve"/>
<Channel className="org.apache.catalina.tribes.group.GroupChannel">
<Membership
address="228.0.0.4"
className="org.apache.catalina.tribes.membership.McastService"
dropTime="3000"
frequency="500"
port="45564"/>
<Receiver
address="auto"
className="org.apache.catalina.tribes.transport.nio.NioReceiver"
maxThreads="6"
port="4005"
timeout="100"/>
<Sender className="org.apache.catalina.tribes.transport.ReplicationTransmitter">
<Transport
className="org.apache.catalina.tribes.transport.nio.PooledParallelSender"/>
</Sender>
<Interceptor
className="org.apache.catalina.tribes.group.interceptors.TcpFailureDetector"/>
<Interceptor
className="org.apache.catalina.tribes.group.interceptors.MessageDispatch15Interceptor"/>
<Interceptor
className="org.apache.catalina.tribes.group.interceptors.ThroughputInterceptor"/>
</Channel>
<Deployer
className="org.apache.catalina.ha.deploy.FarmWarDeployer"
deployDir="/usr/local/tomcat7/webapps/"
tempDir="/usr/local/tomcat7/war-temp/"
watchDir="/usr/local/tomcat7/war-watch/"
watchEnabled="true"/>
</Cluster>
</Host>
</Engine>
</Service>
</Server>
mod_proxy.conf
<VirtualHost *:80>
DocumentRoot /var/www/html
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Proxy balancer://testcluster>
BalancerMember ajp://192.168.2.166:8010/ route=acd11-node01
BalancerMember ajp://192.168.2.166:8011/ route=acd11-node02
ProxySet lbmethod=byrequests
</Proxy>
# Exclude balancer-manager app to make it available on master
ProxyPass /balancer-manager !
ProxyPass / balancer://testcluster/ stickysession=JSESSIONID|jsessionid
ProxyPassReverse / balancer://testcluster/ stickysession=JSESSIONID|jsessionid
<Location /balancer-manager>
SetHandler balancer-manager
</Location>
</VirtualHost>
EDIT:
Apache error log (what it gives me after startup):
[Tue Jan 06 08:29:49.235859 2015] [mpm_prefork:notice] [pid 9655] AH00170: caught SIGWINCH, shutting down gracefully
[Tue Jan 06 08:29:50.306520 2015] [core:notice] [pid 9727] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Tue Jan 06 08:29:50.307867 2015] [suexec:notice] [pid 9727] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Tue Jan 06 08:29:50.319218 2015] [so:warn] [pid 9727] AH01574: module proxy_module is already loaded, skipping
[Tue Jan 06 08:29:50.319797 2015] [so:warn] [pid 9727] AH01574: module proxy_ajp_module is already loaded, skipping
[Tue Jan 06 08:29:50.319827 2015] [so:warn] [pid 9727] AH01574: module proxy_balancer_module is already loaded, skipping
[Tue Jan 06 08:29:50.320610 2015] [so:warn] [pid 9727] AH01574: module proxy_http_module is already loaded, skipping
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using fe80::50a0:e2ff:fe74:5294. Set the 'ServerName' directive globally to suppress this message
[Tue Jan 06 08:29:50.328101 2015] [auth_digest:notice] [pid 9727] AH01757: generating secret for digest authentication ...
[Tue Jan 06 08:29:50.329387 2015] [lbmethod_heartbeat:notice] [pid 9727] AH02282: No slotmem from mod_heartmonitor
[Tue Jan 06 08:29:50.333216 2015] [mpm_prefork:notice] [pid 9727] AH00163: Apache/2.4.6 (CentOS) configured -- resuming normal operations
[Tue Jan 06 08:29:50.333263 2015] [core:notice] [pid 9727] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
What I try to achieve:
We have many enterprise web applications which we wanna load balance throughout a Tomcat farm.
What does work:
+ Tomcat clustering
+ Replication
+ FarmWarDeployer
What doesn't work:
Whenever I try to call an application that's been deployed throughout the cluster, it gives me 404 not found. Same for Tomcat root applications such as /manager/html or /host-manager. Only application that is working is /balancer-manager, obviously.
The httpd server is supposed to serve as a load balancer and proxy to the tomcats. It will have to deliver some static content but first and foremost, I need to get this thing up and running to load balance the JavaEE applications (servlets). AJP to the cluster nodes is a must have for me, since http access must not be allow (+ for some other reasons that are worth a totally different discussion).
Since everybody seems to set up the mod_proxy configuration in a different manner, I am looking for a straight forward solution that gives me something I can build on. If you need more information or more configuration details, let me know and I will provide you with those. I already have a second cluster configured using mod_jk and everything is working as intended, but the Stakeholders require this mod_proxy(_ajp) thing and it just grinds my gears.
Your help is much appreciated!
Best regards!
apache-2.2 tomcat cluster
asked Jan 6 '15 at 2:29
Mosh PitMosh Pit
1491313
Is the 404 from Tomcat or Apache?
– ETL
Jan 6 '15 at 2:43
From Apache, it's shown in the HTTP request.
– Mosh Pit
Jan 6 '15 at 5:32
What is in your Apache error log?
– ETL
Jan 6 '15 at 16:18
Also, just to be sure - the web app does not redirect to https right? As that could give you a problem with the config above.
– ETL
Jan 6 '15 at 16:19
In your config above, your AJP connector is using port 8012. Your apache config points to 8011 and 8010. Another typo?
– ETL
Jan 6 '15 at 16:21
|
show 5 more comments
I have set up an Apache Tomcat Cluster with an Apache HTTP server and load balancing on CentOS 6.6 the following way:
+ 1 VM running HTTP server & 1 Tomcat instance (used for deployment, not answering requests)
+ 1 VM running 2 Tomcat instances on different ports
Important things first:
+ watchEnabled: on master = "true", on slaves = "false"
+ HTTP connector only for master node, not defined on slaves
+ port for AJP connector different on every instance
+ tcpListenerPort for NioReceiver different on every instance
+ jvmRoute value equals respective hostname on all instances
+ path to watchDir / tempDir different, deployDir = webapps on every instance
+ port for shutdown different on every instance
+ firewalld/iptables turned off on all nodes (testing environment)
+ YES, I have read lots of things about this topic (official documentation, tutorials, etc...) already.
server.xml (only the important part)
<Server port="8004" shutdown="SHUTDOWN">
<Service name="Catalina">
<!-- HTTP connector on port 8081 -->
<Connector
connectionTimeout="20000"
port="8081" protocol="HTTP/1.1"
redirectPort="8443"/>
<!-- Define an AJP 1.3 Connector on port 8012 -->
<Connector
port="8012"
protocol="AJP/1.3"
redirectPort="8443"/>
<!-- Engine definition for clustering -->
<Engine
defaultHost="localhost"
jvmRoute="acd10-master"
name="Catalina">
<Realm className="org.apache.catalina.realm.MemoryRealm"/>
<Host
appBase="webapps"
autoDeploy="true"
name="192.168.2.139"
undeployOldVersions="true"
unpackWARs="true">
<Cluster
channelSendOptions="6"
className="org.apache.catalina.ha.tcp.SimpleTcpCluster"
useDirtyFlag="true">
<ClusterListener className="org.apache.catalina.ha.session.ClusterSessionListener"/>
<Valve className="org.apache.catalina.ha.tcp.ReplicationValve" filter=""/>
<Valve className="org.apache.catalina.ha.session.JvmRouteBinderValve"/>
<Channel className="org.apache.catalina.tribes.group.GroupChannel">
<Membership
address="228.0.0.4"
className="org.apache.catalina.tribes.membership.McastService"
dropTime="3000"
frequency="500"
port="45564"/>
<Receiver
address="auto"
className="org.apache.catalina.tribes.transport.nio.NioReceiver"
maxThreads="6"
port="4005"
timeout="100"/>
<Sender className="org.apache.catalina.tribes.transport.ReplicationTransmitter">
<Transport
className="org.apache.catalina.tribes.transport.nio.PooledParallelSender"/>
</Sender>
<Interceptor
className="org.apache.catalina.tribes.group.interceptors.TcpFailureDetector"/>
<Interceptor
className="org.apache.catalina.tribes.group.interceptors.MessageDispatch15Interceptor"/>
<Interceptor
className="org.apache.catalina.tribes.group.interceptors.ThroughputInterceptor"/>
</Channel>
<Deployer
className="org.apache.catalina.ha.deploy.FarmWarDeployer"
deployDir="/usr/local/tomcat7/webapps/"
tempDir="/usr/local/tomcat7/war-temp/"
watchDir="/usr/local/tomcat7/war-watch/"
watchEnabled="true"/>
</Cluster>
</Host>
</Engine>
</Service>
</Server>
mod_proxy.conf
<VirtualHost *:80>
DocumentRoot /var/www/html
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Proxy balancer://testcluster>
BalancerMember ajp://192.168.2.166:8010/ route=acd11-node01
BalancerMember ajp://192.168.2.166:8011/ route=acd11-node02
ProxySet lbmethod=byrequests
</Proxy>
# Exclude balancer-manager app to make it available on master
ProxyPass /balancer-manager !
ProxyPass / balancer://testcluster/ stickysession=JSESSIONID|jsessionid
ProxyPassReverse / balancer://testcluster/ stickysession=JSESSIONID|jsessionid
<Location /balancer-manager>
SetHandler balancer-manager
</Location>
</VirtualHost>
EDIT:
Apache error log (what it gives me after startup):
[Tue Jan 06 08:29:49.235859 2015] [mpm_prefork:notice] [pid 9655] AH00170: caught SIGWINCH, shutting down gracefully
[Tue Jan 06 08:29:50.306520 2015] [core:notice] [pid 9727] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Tue Jan 06 08:29:50.307867 2015] [suexec:notice] [pid 9727] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Tue Jan 06 08:29:50.319218 2015] [so:warn] [pid 9727] AH01574: module proxy_module is already loaded, skipping
[Tue Jan 06 08:29:50.319797 2015] [so:warn] [pid 9727] AH01574: module proxy_ajp_module is already loaded, skipping
[Tue Jan 06 08:29:50.319827 2015] [so:warn] [pid 9727] AH01574: module proxy_balancer_module is already loaded, skipping
[Tue Jan 06 08:29:50.320610 2015] [so:warn] [pid 9727] AH01574: module proxy_http_module is already loaded, skipping
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using fe80::50a0:e2ff:fe74:5294. Set the 'ServerName' directive globally to suppress this message
[Tue Jan 06 08:29:50.328101 2015] [auth_digest:notice] [pid 9727] AH01757: generating secret for digest authentication ...
[Tue Jan 06 08:29:50.329387 2015] [lbmethod_heartbeat:notice] [pid 9727] AH02282: No slotmem from mod_heartmonitor
[Tue Jan 06 08:29:50.333216 2015] [mpm_prefork:notice] [pid 9727] AH00163: Apache/2.4.6 (CentOS) configured -- resuming normal operations
[Tue Jan 06 08:29:50.333263 2015] [core:notice] [pid 9727] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
What I try to achieve:
We have many enterprise web applications which we wanna load balance throughout a Tomcat farm.
What does work:
+ Tomcat clustering
+ Replication
+ FarmWarDeployer
What doesn't work:
Whenever I try to call an application that's been deployed throughout the cluster, it gives me 404 not found. Same for Tomcat root applications such as /manager/html or /host-manager. Only application that is working is /balancer-manager, obviously.
The httpd server is supposed to serve as a load balancer and proxy to the tomcats. It will have to deliver some static content but first and foremost, I need to get this thing up and running to load balance the JavaEE applications (servlets). AJP to the cluster nodes is a must have for me, since http access must not be allow (+ for some other reasons that are worth a totally different discussion).
Since everybody seems to set up the mod_proxy configuration in a different manner, I am looking for a straight forward solution that gives me something I can build on. If you need more information or more configuration details, let me know and I will provide you with those. I already have a second cluster configured using mod_jk and everything is working as intended, but the Stakeholders require this mod_proxy(_ajp) thing and it just grinds my gears.
Your help is much appreciated!
Best regards!
apache-2.2 tomcat cluster
asked Jan 6 '15 at 2:29
Mosh PitMosh Pit
1491313
I have set up an Apache Tomcat Cluster with an Apache HTTP server and load balancing on CentOS 6.6 the following way:
+ 1 VM running HTTP server & 1 Tomcat instance (used for deployment, not answering requests)
+ 1 VM running 2 Tomcat instances on different ports
Important things first:
+ watchEnabled: on master = "true", on slaves = "false"
+ HTTP connector only for master node, not defined on slaves
+ port for AJP connector different on every instance
+ tcpListenerPort for NioReceiver different on every instance
+ jvmRoute value equals respective hostname on all instances
+ path to watchDir / tempDir different, deployDir = webapps on every instance
+ port for shutdown different on every instance
+ firewalld/iptables turned off on all nodes (testing environment)
+ YES, I have read lots of things about this topic (official documentation, tutorials, etc...) already.
server.xml (only the important part)
<Server port="8004" shutdown="SHUTDOWN">
<Service name="Catalina">
<!-- HTTP connector on port 8081 -->
<Connector
connectionTimeout="20000"
port="8081" protocol="HTTP/1.1"
redirectPort="8443"/>
<!-- Define an AJP 1.3 Connector on port 8012 -->
<Connector
port="8012"
protocol="AJP/1.3"
redirectPort="8443"/>
<!-- Engine definition for clustering -->
<Engine
defaultHost="localhost"
jvmRoute="acd10-master"
name="Catalina">
<Realm className="org.apache.catalina.realm.MemoryRealm"/>
<Host
appBase="webapps"
autoDeploy="true"
name="192.168.2.139"
undeployOldVersions="true"
unpackWARs="true">
<Cluster
channelSendOptions="6"
className="org.apache.catalina.ha.tcp.SimpleTcpCluster"
useDirtyFlag="true">
<ClusterListener className="org.apache.catalina.ha.session.ClusterSessionListener"/>
<Valve className="org.apache.catalina.ha.tcp.ReplicationValve" filter=""/>
<Valve className="org.apache.catalina.ha.session.JvmRouteBinderValve"/>
<Channel className="org.apache.catalina.tribes.group.GroupChannel">
<Membership
address="228.0.0.4"
className="org.apache.catalina.tribes.membership.McastService"
dropTime="3000"
frequency="500"
port="45564"/>
<Receiver
address="auto"
className="org.apache.catalina.tribes.transport.nio.NioReceiver"
maxThreads="6"
port="4005"
timeout="100"/>
<Sender className="org.apache.catalina.tribes.transport.ReplicationTransmitter">
<Transport
className="org.apache.catalina.tribes.transport.nio.PooledParallelSender"/>
</Sender>
<Interceptor
className="org.apache.catalina.tribes.group.interceptors.TcpFailureDetector"/>
<Interceptor
className="org.apache.catalina.tribes.group.interceptors.MessageDispatch15Interceptor"/>
<Interceptor
className="org.apache.catalina.tribes.group.interceptors.ThroughputInterceptor"/>
</Channel>
<Deployer
className="org.apache.catalina.ha.deploy.FarmWarDeployer"
deployDir="/usr/local/tomcat7/webapps/"
tempDir="/usr/local/tomcat7/war-temp/"
watchDir="/usr/local/tomcat7/war-watch/"
watchEnabled="true"/>
</Cluster>
</Host>
</Engine>
</Service>
</Server>
mod_proxy.conf
<VirtualHost *:80>
DocumentRoot /var/www/html
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Proxy balancer://testcluster>
BalancerMember ajp://192.168.2.166:8010/ route=acd11-node01
BalancerMember ajp://192.168.2.166:8011/ route=acd11-node02
ProxySet lbmethod=byrequests
</Proxy>
# Exclude balancer-manager app to make it available on master
ProxyPass /balancer-manager !
ProxyPass / balancer://testcluster/ stickysession=JSESSIONID|jsessionid
ProxyPassReverse / balancer://testcluster/ stickysession=JSESSIONID|jsessionid
<Location /balancer-manager>
SetHandler balancer-manager
</Location>
</VirtualHost>
EDIT:
Apache error log (what it gives me after startup):
[Tue Jan 06 08:29:49.235859 2015] [mpm_prefork:notice] [pid 9655] AH00170: caught SIGWINCH, shutting down gracefully
[Tue Jan 06 08:29:50.306520 2015] [core:notice] [pid 9727] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Tue Jan 06 08:29:50.307867 2015] [suexec:notice] [pid 9727] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Tue Jan 06 08:29:50.319218 2015] [so:warn] [pid 9727] AH01574: module proxy_module is already loaded, skipping
[Tue Jan 06 08:29:50.319797 2015] [so:warn] [pid 9727] AH01574: module proxy_ajp_module is already loaded, skipping
[Tue Jan 06 08:29:50.319827 2015] [so:warn] [pid 9727] AH01574: module proxy_balancer_module is already loaded, skipping
[Tue Jan 06 08:29:50.320610 2015] [so:warn] [pid 9727] AH01574: module proxy_http_module is already loaded, skipping
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using fe80::50a0:e2ff:fe74:5294. Set the 'ServerName' directive globally to suppress this message
[Tue Jan 06 08:29:50.328101 2015] [auth_digest:notice] [pid 9727] AH01757: generating secret for digest authentication ...
[Tue Jan 06 08:29:50.329387 2015] [lbmethod_heartbeat:notice] [pid 9727] AH02282: No slotmem from mod_heartmonitor
[Tue Jan 06 08:29:50.333216 2015] [mpm_prefork:notice] [pid 9727] AH00163: Apache/2.4.6 (CentOS) configured -- resuming normal operations
[Tue Jan 06 08:29:50.333263 2015] [core:notice] [pid 9727] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
What I try to achieve:
We have many enterprise web applications which we wanna load balance throughout a Tomcat farm.
What does work:
+ Tomcat clustering
+ Replication
+ FarmWarDeployer
What doesn't work:
Whenever I try to call an application that's been deployed throughout the cluster, it gives me 404 not found. Same for Tomcat root applications such as /manager/html or /host-manager. Only application that is working is /balancer-manager, obviously.
The httpd server is supposed to serve as a load balancer and proxy to the tomcats. It will have to deliver some static content but first and foremost, I need to get this thing up and running to load balance the JavaEE applications (servlets). AJP to the cluster nodes is a must have for me, since http access must not be allow (+ for some other reasons that are worth a totally different discussion).
Since everybody seems to set up the mod_proxy configuration in a different manner, I am looking for a straight forward solution that gives me something I can build on. If you need more information or more configuration details, let me know and I will provide you with those. I already have a second cluster configured using mod_jk and everything is working as intended, but the Stakeholders require this mod_proxy(_ajp) thing and it just grinds my gears.
Your help is much appreciated!
Best regards!
apache-2.2 tomcat cluster
apache-2.2 tomcat cluster
asked Jan 6 '15 at 2:29
Mosh PitMosh Pit
1491313
asked Jan 6 '15 at 2:29
Mosh PitMosh Pit
1491313
edited Jan 6 '15 at 16:32
Mosh Pit
asked Jan 6 '15 at 2:29
Mosh PitMosh Pit
1491313
asked Jan 6 '15 at 2:29
Mosh PitMosh Pit
1491313
asked Jan 6 '15 at 2:29
Mosh PitMosh Pit
1491313
1491313
Is the 404 from Tomcat or Apache?
– ETL
Jan 6 '15 at 2:43
From Apache, it's shown in the HTTP request.
– Mosh Pit
Jan 6 '15 at 5:32
What is in your Apache error log?
– ETL
Jan 6 '15 at 16:18
Also, just to be sure - the web app does not redirect to https right? As that could give you a problem with the config above.
– ETL
Jan 6 '15 at 16:19
In your config above, your AJP connector is using port 8012. Your apache config points to 8011 and 8010. Another typo?
– ETL
Jan 6 '15 at 16:21
|
show 5 more comments
Is the 404 from Tomcat or Apache?
– ETL
Jan 6 '15 at 2:43
From Apache, it's shown in the HTTP request.
– Mosh Pit
Jan 6 '15 at 5:32
What is in your Apache error log?
– ETL
Jan 6 '15 at 16:18
Also, just to be sure - the web app does not redirect to https right? As that could give you a problem with the config above.
– ETL
Jan 6 '15 at 16:19
In your config above, your AJP connector is using port 8012. Your apache config points to 8011 and 8010. Another typo?
– ETL
Jan 6 '15 at 16:21
Is the 404 from Tomcat or Apache?
– ETL
Jan 6 '15 at 2:43
Is the 404 from Tomcat or Apache?
– ETL
Jan 6 '15 at 2:43
From Apache, it's shown in the HTTP request.
– Mosh Pit
Jan 6 '15 at 5:32
From Apache, it's shown in the HTTP request.
– Mosh Pit
Jan 6 '15 at 5:32
What is in your Apache error log?
– ETL
Jan 6 '15 at 16:18
What is in your Apache error log?
– ETL
Jan 6 '15 at 16:18
Also, just to be sure - the web app does not redirect to https right? As that could give you a problem with the config above.
– ETL
Jan 6 '15 at 16:19
Also, just to be sure - the web app does not redirect to https right? As that could give you a problem with the config above.
– ETL
Jan 6 '15 at 16:19
In your config above, your AJP connector is using port 8012. Your apache config points to 8011 and 8010. Another typo?
– ETL
Jan 6 '15 at 16:21
In your config above, your AJP connector is using port 8012. Your apache config points to 8011 and 8010. Another typo?
– ETL
Jan 6 '15 at 16:21
|
show 5 more comments
1 Answer
1
active
oldest
votes
I haven't tried reproducing your configuration but when I looked at it this morning, it looks like the problem is simply a missing space and possibly the ProxyPassReverse not matching the ProxyPass (however the later wouldn't give you a 404 I think).
ProxyPass / balancer://testcluster/stickysession=JSESSIONID|jsessionid
ProxyPassReverse / balancer://testcluster/
should be:
ProxyPass / balancer://testcluster/ stickysession=JSESSIONID|jsessionid
ProxyPassReverse / balancer://testcluster/ stickysession=JSESSIONID|jsessionid
At least, that's how I have mine and I have no issue (but I don't use AJP, just regular http proxy).
Obviously this is assuming all the basic stuff are in place (site enabled, reload, http proxy mod installed and enabled, etc).
answered Jan 6 '15 at 14:52
ETLETL
5,53212045
Thanks for your response. Unfortunately, this was just a typo in the post, original file looks good (regarding the missing space). Addedstickysession=JSESSIONID|jsessionidto the PassProxyReverse, doesn't change anything. What I did find out tho is that if I callhttp://httpd_host:8081/manager/html, this gives me the manager app on the master node, but I don't want to type in the port number everytime. Still, if I callhttp://httpd_host:8081/app_context/app_url_patternit gives me the app on the master node, but this node should not answer requests at all, and w/o a port it doesn't work
– Mosh Pit
Jan 6 '15 at 16:13
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f656517%2fapache-tomcat-7-0-57-cluster-mod-proxy-mod-proxy-ajp%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
I haven't tried reproducing your configuration but when I looked at it this morning, it looks like the problem is simply a missing space and possibly the ProxyPassReverse not matching the ProxyPass (however the later wouldn't give you a 404 I think).
ProxyPass / balancer://testcluster/stickysession=JSESSIONID|jsessionid
ProxyPassReverse / balancer://testcluster/
should be:
ProxyPass / balancer://testcluster/ stickysession=JSESSIONID|jsessionid
ProxyPassReverse / balancer://testcluster/ stickysession=JSESSIONID|jsessionid
At least, that's how I have mine and I have no issue (but I don't use AJP, just regular http proxy).
Obviously this is assuming all the basic stuff are in place (site enabled, reload, http proxy mod installed and enabled, etc).
answered Jan 6 '15 at 14:52
ETLETL
5,53212045
Thanks for your response. Unfortunately, this was just a typo in the post, original file looks good (regarding the missing space). Addedstickysession=JSESSIONID|jsessionidto the PassProxyReverse, doesn't change anything. What I did find out tho is that if I callhttp://httpd_host:8081/manager/html, this gives me the manager app on the master node, but I don't want to type in the port number everytime. Still, if I callhttp://httpd_host:8081/app_context/app_url_patternit gives me the app on the master node, but this node should not answer requests at all, and w/o a port it doesn't work
– Mosh Pit
Jan 6 '15 at 16:13
add a comment |
I haven't tried reproducing your configuration but when I looked at it this morning, it looks like the problem is simply a missing space and possibly the ProxyPassReverse not matching the ProxyPass (however the later wouldn't give you a 404 I think).
ProxyPass / balancer://testcluster/stickysession=JSESSIONID|jsessionid
ProxyPassReverse / balancer://testcluster/
should be:
ProxyPass / balancer://testcluster/ stickysession=JSESSIONID|jsessionid
ProxyPassReverse / balancer://testcluster/ stickysession=JSESSIONID|jsessionid
At least, that's how I have mine and I have no issue (but I don't use AJP, just regular http proxy).
Obviously this is assuming all the basic stuff are in place (site enabled, reload, http proxy mod installed and enabled, etc).
answered Jan 6 '15 at 14:52
ETLETL
5,53212045
Thanks for your response. Unfortunately, this was just a typo in the post, original file looks good (regarding the missing space). Addedstickysession=JSESSIONID|jsessionidto the PassProxyReverse, doesn't change anything. What I did find out tho is that if I callhttp://httpd_host:8081/manager/html, this gives me the manager app on the master node, but I don't want to type in the port number everytime. Still, if I callhttp://httpd_host:8081/app_context/app_url_patternit gives me the app on the master node, but this node should not answer requests at all, and w/o a port it doesn't work
– Mosh Pit
Jan 6 '15 at 16:13
add a comment |
I haven't tried reproducing your configuration but when I looked at it this morning, it looks like the problem is simply a missing space and possibly the ProxyPassReverse not matching the ProxyPass (however the later wouldn't give you a 404 I think).
ProxyPass / balancer://testcluster/stickysession=JSESSIONID|jsessionid
ProxyPassReverse / balancer://testcluster/
should be:
ProxyPass / balancer://testcluster/ stickysession=JSESSIONID|jsessionid
ProxyPassReverse / balancer://testcluster/ stickysession=JSESSIONID|jsessionid
At least, that's how I have mine and I have no issue (but I don't use AJP, just regular http proxy).
Obviously this is assuming all the basic stuff are in place (site enabled, reload, http proxy mod installed and enabled, etc).
answered Jan 6 '15 at 14:52
ETLETL
5,53212045
I haven't tried reproducing your configuration but when I looked at it this morning, it looks like the problem is simply a missing space and possibly the ProxyPassReverse not matching the ProxyPass (however the later wouldn't give you a 404 I think).
ProxyPass / balancer://testcluster/stickysession=JSESSIONID|jsessionid
ProxyPassReverse / balancer://testcluster/
should be:
ProxyPass / balancer://testcluster/ stickysession=JSESSIONID|jsessionid
ProxyPassReverse / balancer://testcluster/ stickysession=JSESSIONID|jsessionid
At least, that's how I have mine and I have no issue (but I don't use AJP, just regular http proxy).
Obviously this is assuming all the basic stuff are in place (site enabled, reload, http proxy mod installed and enabled, etc).
answered Jan 6 '15 at 14:52
ETLETL
5,53212045
answered Jan 6 '15 at 14:52
ETLETL
5,53212045
answered Jan 6 '15 at 14:52
ETLETL
5,53212045
answered Jan 6 '15 at 14:52
ETLETL
5,53212045
5,53212045
Thanks for your response. Unfortunately, this was just a typo in the post, original file looks good (regarding the missing space). Addedstickysession=JSESSIONID|jsessionidto the PassProxyReverse, doesn't change anything. What I did find out tho is that if I callhttp://httpd_host:8081/manager/html, this gives me the manager app on the master node, but I don't want to type in the port number everytime. Still, if I callhttp://httpd_host:8081/app_context/app_url_patternit gives me the app on the master node, but this node should not answer requests at all, and w/o a port it doesn't work
– Mosh Pit
Jan 6 '15 at 16:13
add a comment |
Thanks for your response. Unfortunately, this was just a typo in the post, original file looks good (regarding the missing space). Addedstickysession=JSESSIONID|jsessionidto the PassProxyReverse, doesn't change anything. What I did find out tho is that if I callhttp://httpd_host:8081/manager/html, this gives me the manager app on the master node, but I don't want to type in the port number everytime. Still, if I callhttp://httpd_host:8081/app_context/app_url_patternit gives me the app on the master node, but this node should not answer requests at all, and w/o a port it doesn't work
– Mosh Pit
Jan 6 '15 at 16:13
Thanks for your response. Unfortunately, this was just a typo in the post, original file looks good (regarding the missing space). Added
stickysession=JSESSIONID|jsessionid to the PassProxyReverse, doesn't change anything. What I did find out tho is that if I call http://httpd_host:8081/manager/html, this gives me the manager app on the master node, but I don't want to type in the port number everytime. Still, if I call http://httpd_host:8081/app_context/app_url_pattern it gives me the app on the master node, but this node should not answer requests at all, and w/o a port it doesn't work– Mosh Pit
Jan 6 '15 at 16:13
Thanks for your response. Unfortunately, this was just a typo in the post, original file looks good (regarding the missing space). Added
stickysession=JSESSIONID|jsessionid to the PassProxyReverse, doesn't change anything. What I did find out tho is that if I call http://httpd_host:8081/manager/html, this gives me the manager app on the master node, but I don't want to type in the port number everytime. Still, if I call http://httpd_host:8081/app_context/app_url_pattern it gives me the app on the master node, but this node should not answer requests at all, and w/o a port it doesn't work– Mosh Pit
Jan 6 '15 at 16:13
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f656517%2fapache-tomcat-7-0-57-cluster-mod-proxy-mod-proxy-ajp%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Is the 404 from Tomcat or Apache?
– ETL
Jan 6 '15 at 2:43
From Apache, it's shown in the HTTP request.
– Mosh Pit
Jan 6 '15 at 5:32
What is in your Apache error log?
– ETL
Jan 6 '15 at 16:18
Also, just to be sure - the web app does not redirect to https right? As that could give you a problem with the config above.
– ETL
Jan 6 '15 at 16:19
In your config above, your AJP connector is using port 8012. Your apache config points to 8011 and 8010. Another typo?
– ETL
Jan 6 '15 at 16:21